>/Ctfs $

First Part Figure out what the real task of the challenge is. The Hardware Part Based on the given schematic, we have an RPI2040 controller connected to another mysterious chip via the I2C bus. After a quick search on Google to find out what the M24C02-WMN is, I discovered it’s an EEPROM memory. Therefore, I assumed that the main task is, of cour

Get Familiar with the Task In the first step, you have to figure out what the main task in this challenge is. As you may see, there is a text input form that updates the textContent depending on a strange-looking if statement. If you can manage to make this if statement evaluate to true, you'll know that your input-flag is correct. But wai

Get Familiar with the Task I assume you've already read the description and noticed that the flag in this challenge resembles a familiar Base64 encoding. However, after decoding it, you see what looks like a series of random bits: Q††Ð¤~“ĦZƒòÕöï!益§.§ä>îÓF7­Oþ²ë†Y+æèZs¶ ·¨2 [MQ™ìüF ¬ This time, the flag was truly encrypted. In th

First Part Well, since the description was rather brief, we can't learn much from it. Therefore, it's a good practice to start examining the application by running the command: strings program.ext in Linux to see what ASCII strings are stored in the application. On Windows, there are desktop applications for performing a similar search. I

First Part Look at the files │>PHISH_MARKET │ docker-compose.yml │ start.sh │ ├───market │ Dockerfile │ market │ wait-for-it.sh │ └───mysql Dockerfile init-db.sql As you may have noticed, there are 2 Docker containers: one with a MySQL database and another one containing the script wait-for-it.sh and the ma